Mandiant details how ShinyHunters abuse SSO to steal cloud data

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) ...

This dangerous APT has expanded its skills with some new tools - here's what we know

Mustang Panda gave CoolClient new bells and whistles, including clipboard monitoring.
Bleeping Computer

New VoidLink malware framework targets Linux cloud servers

A newly discovered advanced cloud-native Linux malware framework named VoidLink focuses on cloud environments, providing attackers with custom loaders, implants, rootkits, and plugins designed for ...
IEEE

Rootkit Detection Using Hybrid Machine Learning Models and Deep Learning Model: Implementation

Abstract: Rootkits are a type of malicious software designed to exploit system vulnerabilities and evade detection by traditional security mechanisms. This study proposes a comprehensive approach for ...
IEEE

Improvise, Adapt, Overcome: Dynamic Resiliency Against Unknown Attack Vectors in Microgrid Cybersecurity Games

Abstract: Cyber-physical microgrids are vulnerable to rootkit attacks that manipulate system dynamics to create instabilities in the network. Rootkits tend to hide their access level within microgrid ...
GitHub

Singularity - Stealthy Linux Kernel Rootkit

"Shall we give forensics a little work?" Singularity is a powerful Linux Kernel Module (LKM) rootkit designed for modern 6.x kernels. It provides comprehensive stealth capabilities through advanced ...